skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or vulnerabilities were detected in the skill instructions or associated scripts.
- [COMMAND_EXECUTION]: The skill provides utility scripts (
init_skill.py,package_skill.py) intended for the agent to use during the development process. These scripts perform safe, local file operations such as directory creation, template writing, and zip archiving. - [SAFE]: The validation logic in
quick_validate.pyusesyaml.safe_load(), which is the security best practice for parsing YAML data to prevent arbitrary code execution during deserialization. - [SAFE]: The script
init_skill.pyapplies executable permissions (0o755) to a newly created example Python file. This is a standard and expected operation for a template generator and does not constitute unauthorized privilege escalation.
Audit Metadata